Re: [Exim] Rejecting Email with bad sender MX

Top Page
Delete this message
Reply to this message
Author: Rick Ballard
Date:  
To: exim-users
Subject: Re: [Exim] Rejecting Email with bad sender MX
I am beginning to see that there is probably no
way of doing exactly what I want to do.

The problems here are 
    (1) that all the sender addresses verify, but 
the sender has a purposely invalid MX record. 
This is a new (to me) and insidious spammer 
behaviour. 
    (2) I am trying to stop mail coming FROM 
someone with an invalid MX record, because it is 
probably spam.


If MX=127.0.0.1, then it can be caught by
sender_verify, but if, for example,
MX=192.168.1.1, it looks OK to EXIM. Even,
worse, they could set the MX to point to any
random address they want, and I guess there
would be no way of trapping it.

AFAIK, sender_verify doesn't check the MX
record, except to see if it points to the local
host. Even though all other addresses can be
verified, no mail can be sent back them, and
they apparently don't want any mail sent back to
them. This can be used as a spam signature,
using one of their own tricks against them by
failing any incoming mail with the invalid MX
signature.

I can't find anything in the EXIM manual about
checking the MX record of the sender of an
incoming message, except for pointing to the
local host.

BTW, the mail probably is arriving via direct
injection - but is passing all three mail-
abuse.org RBL lists.

I also have the following, but these generate
warnings only for MX=127.0.0.1. I was not able
to enable sender_verify_reject due to non-spam
email being rejected.

sender_verify = true
sender_verify_fixup = true
sender_try_verify=true
sender_verify_reject = false

--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Rick Ballard            Rick.Ballard@???
Halifax, Nova Scotia, Canada    http://www3.ns.sympatico.ca/Rick.Ballard